By Charles Cooper
April 21, 2008
Information security may be improving but embarrassing incidents
involving data loss or identity theft at the Veterans' Administration
and at TJX Companies, the operator of T.J. Maxx and Marshalls retail
chains, suggest that the battle is a long way from victory.
Indeed, three-fourths of the information security professionals around
the world surveyed by Frost & Sullivan say they now consider avoiding
reputation damage to their organizations as a top priority.
That fits with the times. Increasingly, companies are elevating the
prevention of high-profile data security breaches to the level of a
strategic goal, if not competitive weapon.
Here's where things are getting interesting. That new sensitivity to
data loss has invited more high-level scrutiny from the business side
into how IT maps out its cyberdefenses. In fact, the percentage of
information security personnel reporting to executive management or
boards of director has climbed to 49 percent from 21 percent just four
"Information security professionals are under increasing pressure to
secure not just the perimeter of the organization but all the data and
employees that belong to the organization," according to the report,
which was conducted at the behest of the International Information
Systems Security Certification Consortium.
"We're seeing a shift toward a more information-centric approach...where
will need to take security consciousness beyond IT to every person in
the organization," said Howard Schmidt, the president of R&H Security
Consulting. "Time is clearly of the essence and we have to rethink our
approach to security,"
The survey included responses from 7,548 information security experts in
various geographies. Among its other conclusions:
51 percent of respondents say that internal employees pose the biggest
75 percent of respondents see viruses and Internet work attacks as top
or high threats. Next in line as a security concern came hackers and
Cyberterrorism remains more of a concern for government than for people
working in other sectors.
The most concern voiced about all security threats came from the
The report also suggested a good news-bad news paradox: Even as the
economy slows, security concerns should contribute to strong demand for
products and services that help IT prevent data breaches. The report
also said that regulatory compliance will also factor into the equation,
feeding demand for more information security professionals.
Subscribe to the InfoSec News RSS Feed